Just another WordPress.com site

FEP 2010 with Configuration Manager 2007 – Part 2

Alright, so here’s part 2 of my series just to get you started with using FEP 2010 on your SCCM console.

The first thing you will realise as soon as you open up your SCCM console and expand Collections, you will see a hierarchy of collection with its parent collection called FEP Collections. Underneath it you’ll find sub-collections each categorizing the state of the client like Definition Status, Deployment Status, Protection Status and Security Status just to name a few. Computers will end up in various collections depending on its state, for example if the virus definition is 5 days old, then it’ll end up in the collection where all computers that have its virus definition of up to 7 days old.

clip_image002

Next you’ll find 3 new packages that you did not create; FEP Deployment, Operations and Policies. One of the first things you need to do is to get the FEP client (which is the anti-virus engine) out to your computers. Just make sure you populate the DPs with the package and then create an advertisement to your target collection.

image

 

You’ll get a new node on the left pane for ForeFront Endpoint Protection where you’ll get a dashboard view of the different status as well as areas where you can configure email alerts; yeah finally a form of alerting! SMTP works fine for me.

clip_image002[5]

 

Here is where you can configure your SMTP settings for alerting purposes.

clip_image002[9]

 

Now to alerting. You can set a rule to send out an alert whenever the same malware/virus is detected probably signalling a virus outbreak. Here you’ll set the number of computers detected with the same virus before an alert is sent out.

clip_image002[11]

 

And whenever a computer has been detected with a virus, an alert can be sent out notifying the administrator.

clip_image002[13]

 

You might want to know if the same virus has been detected on a computer repeatedly within a certain interval; before being 24 hours.

clip_image002[15]

 

And you might want to also know if multiple viruses are hitting a computer over a certain interval.

clip_image002[17]

 

Here’s what I like. You can execute a quick/full scan on a client computer from the console.

clip_image002[19]

 

And yes it works by creating an advertisement in the background that will then execute on the client computer. Of course you can schedule the advertisement to re-occur, daily/weekly or whatever.

image

 

That’s it! That’s all for my overview of the FEP 2010 integration with Configuration Manager 2007. Please let me know if you have questions.

 

 

Enjoy!!!

About these ads

One response

  1. Brian

    Hi King,
    Good jobs!

    I have encountred the dashboard, show infected computers and I drilled it down, it brings to the infected collection, and i picked on of the infected computers, it shows the fep is not installed on a specific day, then I remotely control the infected machine, FEP 2010 was installed. i ran the collection and referesh the collection, it still does not update the dashboard (I ran the statistics update on teh FEP node as well).

    why it does not referesh the status the dashboard?

    thanaks for your prompt suggestion what i should look into.

    October 7, 2011 at 10:20 pm

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

Join 66 other followers